The Total Economic Impact™ Of Absolute · For additional information, go to forrester.com. 1 | The Total Economic Impact™ Of Absolute Executive Summary Absolute is a cloud-based

A Forrester Total Economic Impact™ Study

Commissioned By Absolute

February 2018

The Total Economic Impact™ Of Absolute

Cost Savings And Business Benefits Enabled By The Absolute Endpoint Visibility And Control Platform

Table Of Contents Executive Summary 1

Key Findings 1

TEI Framework And Methodology 4

The Absolute Customer Journey 5

Interviewed Organizations 5

Key Challenges 5

Key Results 7

Composite Organization 8

Financial Analysis 9

Benefit 1: Security Operations Efficiency Improvement 9

Benefit 2: IT Help Desk Efficiency Improvement 10

Benefit 3: Asset Loss Reduction 11

Benefit 4: Asset Life Cycle Optimization 13

Unquantified Benefits 14

Flexibility 15

Cost 1: License-Related Costs 16

Cost 2: Implementation And Integration Costs 17

Financial Summary 19

Absolute: Overview 20

Absolute Ensures Endpoint Visibility, Control, And Compliance Beyond the Network 20

Appendix A: Total Economic Impact 21

Project Director:

Henry Huang

ABOUT FORRESTER CONSULTING

Forrester Consulting provides independent and objective research-based

consulting to help leaders succeed in their organizations. Ranging in scope from a

short strategy session to custom projects, Forrester’s Consulting services connect

you directly with research analysts who apply expert insight to your specific

business challenges. For more information, visit forrester.com/consulting.

© 2018, Forrester Research, Inc. All rights reserved. Unauthorized reproduction

is strictly prohibited. Information is based on best available resources.

Opinions reflect judgment at the time and are subject to change. Forrester®,

Technographics®, Forrester Wave, RoleView, TechRadar, and Total Economic

Impact are trademarks of Forrester Research, Inc. All other trademarks are the

property of their respective companies. For additional information, go to

forrester.com.

1 | The Total Economic Impact™ Of Absolute

Executive Summary

Absolute is a cloud-based endpoint security solution that helps enterprises

monitor, secure, and remediate endpoints — including those that have

gone dark off-network. Absolute commissioned Forrester Consulting to

conduct a Total Economic Impact™ (TEI) study and examine the potential

return on investment (ROI) enterprises may realize by deploying Absolute.

The purpose of this study is to provide readers with a framework to

evaluate the potential financial impact of Absolute on their organizations.

To better understand the benefits, costs, and risks associated with this

investment, Forrester interviewed several customers with years of

experience using the Absolute platform and its underlying Persistence®

technology to help secure endpoint devices in the age of increasingly

mobile workforces. Beyond endpoint security, the Absolute solution

provides a “self-healing” connection between endpoints and IT

professionals to ensure endpoint agents remain present and healthy,

reducing cybersecurity risks and improving security compliance.

Before using Absolute, issues often arose at the interviewed organizations

when devices left the enterprise network. Prior solutions were unable to

provide endpoint visibility and control, which resulted in compliance

failures. In some cases, these devices disappeared altogether, making

endpoint security a difficult task. Evaluating security posture and proving

compliance was a lengthy and difficult process, which led to missed

business opportunities and corporate data exposure that prompted

regulatory ramifications. By adopting Absolute, the interviewed

organizations gained a centralized platform that more effectively assessed

and secured a wide range of endpoints.

Key Findings

Quantified benefits. The following risk-adjusted quantified present value

(PV) benefits are representative of those experienced by the companies

interviewed:

› Security operations staff saved 12 minutes per incident response.

For many interviewees, triage and analytical work comprised a large

portion of security incident responses. The constant feedback loop from

endpoints via Absolute increased visibility for security professionals, who

were then able to conclude security incidents at a significantly faster

rate. The incident responders received information upon the endpoints’

first touch to the internet rather than minutes — or even days — later.

These efficiency gains amounted to $393,904 saved over three years.

› IT help desk saved 10 minutes per request with increased and more

up-to-date information from the endpoints. The Absolute platform fed

more current and accurate information to IT help desk professionals and

automated key workflows, leading to time savings worth $140,680 over

three years.

› Absolute reduced IT asset loss and the possibility of data

breaches. Managing IT assets became increasingly difficult for the

interviewed customers, prior to deploying Absolute. Some assets were

accidentally removed, while others were maliciously stolen. This led to

an increased risk of a data breach. As a self-healing solution that

reported back or triggered automated actions based on definable

endpoint telemetry rules, Absolute reduced losses, equating to a three-

year benefit of $939,060.

Key Benefits

Security operations efficiency improvement:

$393,904

IT asset life cycle optimization:

$2,049,085

IT help desk efficiency improvement:

$140,680


› Visibility provided by Absolute optimized asset life cycle planning

and resource allocation. Infrastructure and hardware costs could easily

run away in larger organizations. With Absolute, the organizations

gained better visibility into endpoint assets and associated infrastructure.

With Absolute-reported utilization rates, IT asset managers could better

optimize hardware, software, and people resource allocation across the

enterprise.

Unquantified benefits. The interviewed organizations also experienced

the following benefits, which are not quantified for this study:

› Near-instant validation of security posture made compliance audits

simpler. In addition to internal compliance audits, many interviewed

organizations were audited by customers, and concerned with meeting

requirements of various regulations, such as the Health Insurance

Portability and Accountability Act (HIPAA), General Data Protection

Regulation (GDPR), and the Payment Card Industry Data Security

Standard (PCI DSS). Absolute’s visibility and faster reporting on

endpoint security posture assured auditors that data was safely stored,

saving time for internal security professionals trying to demonstrate

compliance.

› Absolute Reach provided additional automation time savings for

security operations personnel. Organizations looking to extend

visibility and endpoint control capabilities could leverage Absolute Reach

to query endpoints and deploy automation commands to remediate

vulnerabilities. Absolute Persistence ensured script delivery and

execution for endpoints that went off-network or dark. Security

professionals saved time by deploying commands only once, knowing

that Absolute would send confirmation of execution.

Costs. The interviewed organizations experienced the following costs:

› License-related costs were assessed in annual or multiyear terms.

Absolute licensing can be purchased in one- to five-year terms. For the

purposes of this study, license costs were modeled as annual recurring

purchases, resulting in a PV cost of nearly $1.4 million over three years.

This is based on a large endpoint deployment and is designed to be

representative only.

› Additional costs were incurred for implementation and integration

with existing IT service management (ITSM) and security tools.

Beyond license and support costs, many interviewees encountered

costs to integrate Absolute with their existing security information and

event management (SIEM) and ITSM solutions. The effort required to

integrate the solutions and augment process flows resulted in a PV cost

of $68,590 over three years.

Forrester’s interviews with five existing customers — and subsequent

financial analysis — found that an organization based on these

interviewed organizations experienced benefits of $3.5 million over three

years versus costs of $1.4 million, adding up to a net present value (NPV)

of $2.1 million and an ROI of 146%.

ROI 146%

Benefits PV $3.5 million

NPV $2.1 million

Payback < 6 months


1,260 hours saved by IT help desk annually

2,520 hours saved by IT

SecOps annually

$940K saved from asset

loss reduction annually

$393.9K

$140.7K

$939.1K

$2.0M

Security operationsefficiency

improvement

IT help deskefficiency

improvement

Asset loss reduction Asset life cycleoptimization

Benefits (Three-Year)

Total benefits PV, $3.5M

Total costs PV, $1.4M

Initial Year 1 Year 2 Year 3

Financial Summary

Payback:<6 months


TEI Framework And Methodology

From the information provided in the interviews, Forrester has constructed

a Total Economic Impact™ (TEI) framework for those organizations

considering implementing Absolute.

The objective of the framework is to identify the cost, benefit, flexibility, and

risk factors that affect the investment decision. Forrester took a multistep

approach to evaluate the impact that Absolute can have on an

organization:

DUE DILIGENCE Interviewed Absolute stakeholders and Forrester analysts to gather data relative to Absolute.

CUSTOMER INTERVIEWS Interviewed five organizations using Absolute to obtain data with respect to costs, benefits, and risks.

COMPOSITE ORGANIZATION Designed a composite organization based on characteristics of the interviewed organizations.

FINANCIAL MODEL FRAMEWORK Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewed organizations.

CASE STUDY Employed four fundamental elements of TEI in modeling Absolute’s impact: benefits, costs, flexibility, and risks. Given the increasing sophistication that enterprises have regarding ROI analyses related to IT investments, Forrester’s TEI methodology serves to provide a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.

The TEI methodology

helps companies

demonstrate, justify,

and realize the

tangible value of IT

initiatives to both

senior management

and other key

business

stakeholders.

DISCLOSURES

Readers should be aware of the following:

This study is commissioned by Absolute and delivered by Forrester Consulting.

It is not meant to be used as a competitive analysis.

Forrester makes no assumptions as to the potential ROI that other

organizations will receive. Forrester strongly advises that readers use their own

estimates within the framework provided in the report to determine the

appropriateness of an investment in Absolute.

Absolute reviewed and provided feedback to Forrester, but Forrester maintains

editorial control over the study and its findings and does not accept changes to

the study that contradict Forrester’s findings or obscure the meaning of the

study.

Absolute provided the customer names for the interviews but did not participate

in the interviews.


The Absolute Customer Journey

BEFORE AND AFTER THE ABSOLUTE INVESTMENT

Interviewed Organizations

For this study, Forrester conducted five interviews with Absolute

customers. Interviewed customers including the following:

Key Challenges

Interviewees shared a few salient points regarding challenges.

The first point was that their existing state of asset management was

inadequate for managing and securing the endpoints and the data on

those endpoints across the enterprises. The ever-increasing mobility of

their workforce exacerbated the issues, resulting in asset and data

leakage. Assets that “walked” presented issues in this new age of data

protection regulations, with compliance no longer merely a concern, but

a necessity.

Managing endpoints presented additional difficulties for the security and

help desk teams. There was a definitive need for a solution that could

reach endpoints in an automated fashion even while they were off the

enterprise network, and one that was impervious to malicious activity that

would attempt to steal or wipe data. To rapidly respond to incidents,

organizations required an endpoint agent that was rooted with

persistence in systems that offered accompanying remedial automation

and orchestration capabilities.

One interviewee from an engineering consulting firm explained: “Our

asset management was literally just spreadsheets with version control

issues. It’s been a breath of fresh air, really, for us, [with Absolute]

making sure that we have our assets, and knowing where they are and

who’s using them. The real motivation for us, though, was making sure

that our data, and our clients’ data, was safe — as that’s worth a whole

lot more than the devices themselves.”

INDUSTRY REGION INTERVIEWEE NUMBER OF ENDPOINTS AND FTEs

Public infrastructure management

North America Chief information officer 12,000 endpoints and 35,000 mobile FTEs

Multinational CPG Worldwide IT asset manager 160,000 endpoints and 145,000 mixed mobility FTEs

Healthcare North America Information security manager

16,000 endpoints and 15,000 mixed mobility FTEs

Engineering consulting Worldwide Global IT asset manager, Endpoints manager

18,000 endpoints and 16,000 mobile FTEs

Corporate legal services Europe Information security manager

7,000 endpoints and 6,000 mixed mobility FTEs

“We bought Absolute because

of our workforce being so

mobile that we needed the

ability to track the devices so

that, in the case of theft, we

would have the ability to wipe

the data. The security

compliance piece has become

a value-add that we leverage

fully today.”

CIO, public infrastructure

company


› Organizations needed a new endpoint security solution that was

resilient and able to survive malicious or negligent attacks, even

after hard drive or OS wipes. IT managers needed to be able to

identify and freeze regulated data for the thousands of machines that

had gone dark and fallen off their asset database. Business leaders

wanted accountability for budgetary spend, data hygiene, and endpoint

agent compliance. With Absolute’s Persistence technology embedded

in the basic input/output system (BIOS) of their endpoints — deeper

than the operating system (OS) or application layer — they had the

resilience necessary to satisfy their requirements.

› Business leaders did not want to be in tomorrow’s news

headlines. With so many lost or stolen devices, IT teams needed to

look beyond drive encryption to protect their company’s data and

intellectual property (IP). What if the data was accessed? How would

they be able to prove compliance to their clients and regulatory bodies

when they couldn’t find the endpoints that were dark at the time?

These issues needed to be solved, not only for the security operations

(SecOps) professionals and compliance managers, but also for sales

executives who needed to give clients a degree of confidence to

engage in business.

› Organizations could not easily reach or handle off-network

devices that needed urgent security patches or policies for rapid

remediation. Effective incident response required the ability to

automate remediation actions across the entire network concurrently,

but the existing endpoint patching solutions had a poor rate of

completion and compliance reporting. Organizations needed a solution

that identified enterprise endpoints to validate patches and security

posture, as breaching a single endpoint could lead to more data stolen

from the enterprise network, once it resurfaced inside the network

demilitarized zone (DMZ). To combat this, automation defined by an

endpoint solution was critical to helping to orchestrate quicker incident

remediation.

› Common asset leakage of company equipment drove these

organizations to find a solution that discouraged future theft. In

speaking about his organization, one asset manager couldn’t fathom

how his organization had 20% more endpoint units than business full-

time equivalents (FTEs), even with loaner laptops accounted for. He

hypothesized that employees may have taken company laptops for

unauthorized home use. Not only did the organization need these

nonmalicious thefts to stop, but it also needed a way to counter

malicious theft.

“Absolute Persistence gives us

assurance that theft is not a

recurring scenario and that

stolen devices don’t become

breach liabilities. Our other

tools were not able to detect

these devices and give us the

sense of security that we now

have.”

InfoSec manager, healthcare

organization


Key Results

The interviews revealed several key results from the Absolute

investment:

› Workforces have become increasingly mobile — bringing their

work and the data they need to do their job home, to client sites,

to different continents — but Absolute covered them even when

they went offline. With Absolute, machines containing regulated data

that go offline become visible as soon as any network connectivity is

available. Organizations were able to define these machines and keep

the master image and security posture of their endpoint agents as

headquarters intended it; even the most sophisticated device users

couldn’t disable it. Without Absolute, endpoints could go dark for a long

time, making security patches and posture difficult to update. Theft was

also curtailed, as geolocation information could be pulled and

machines could be frozen or wiped remotely.

› SecOps and compliance managers gained an extra layer of

protection with the power to automate remedial security response

actions, including the ability to execute remote commands and

wipe/freeze drives and devices. Security operators were empowered

with the information to best handle situations — in some instances

retrieving many hours of work on laptops that had been inadvertently

misplaced by employees. The telemetry data provided by Absolute let

people retrieve their laptops more quickly, while having their data

protected with a temporary freeze. Proving compliance after Absolute

was also a dramatically easier activity, with more current reports and

automated telemetry-based automation showing compliance on drive

encryption, antivirus, or security policies across the endpoints.

› Organizations gained the ability to look at endpoint utilization

rates— leading to better allocation of units and optimization of

overall infrastructure assets. If an endpoint was only being used for

solitaire twice a week, or other personal tasks with no business value,

why leave the asset in that location? Many IT asset managers found

cases such as this and expected to be able to either reallocate or retire

10% of the endpoints and related infrastructure. In subsequent

discussions, organizations were able to align the correct equipment

purchases with required and utilized capabilities, using insight provided

by Absolute which indicated that, for some users, overpowered devices

were simply unnecessary.

› Help desk efficiency increased as recent device information was

more consistently available. On average, IT help desk personnel

were able to save 10 minutes per call for IT requests that necessitated

a scan of the endpoint. When integrated with an ITSM, even greater

time savings were realized.

› Noncompliant software that could lead to data breaches and BSA

Software Alliance fines was detected and removed. In some cases,

multiple copies of costly software were found. Some of the software

removed included pirated versions, avoiding additional new security

issues on the east-west traffic portion of the network.

› Theft decreased once Absolute was deployed. While some

interviewees noted consistent losses prior to Absolute, both malicious

and nonmalicious theft decreased greatly as potential thieves realized

stolen devices were now worthless to them.

“One of our largest challenges

with our remote workforce was

the ability to monitor and help

users on the endpoints. As our

IT staff has consolidated over

the years, Absolute helps us

by enforcing our policies,

instead of using our people

resources.”

CIO, public infrastructure

company

“There’s nothing else out there

that gives us that complete

visibility of our devices. . . .

And it’s very much an

insurance policy for us,

knowing that, as much as we

protect our data, should the

devices disappear, we can

safely say to our clients, ‘The

data has been wiped; you

don’t need to worry.’”

InfoSec manager, corporate legal

services company


Composite Organization

Based on the interviews, Forrester constructed a TEI framework, a

composite company, and an associated ROI analysis that illustrates the

areas financially affected. The composite organization is representative

of the five companies that Forrester interviewed and is used to present

the aggregate financial analysis in the next section. The composite

organization that Forrester synthesized from the customer interviews has

the following characteristics:

Description of composite. This is a multibillion dollar organization

doing business around the world. Employees travel, often accessing

multiple network connections. Due to the transient nature of the

workforce, most endpoint devices are PC laptops, complete with disk

encryption and the latest antivirus (AV) software. The work provided by

the composite collects a large amount of PII (personally identifiable

information) and is regulated by bodies throughout the globe.

GDPR is a concern, as is the enterprise’s coverage of various parts of

Europe. Many locales dictate data residencies within those countries.

Without a data center in all of the various countries, some data will

inevitably need to be saved locally, making encryption and endpoint

monitoring especially important.

Deployment characteristics. Much of the Absolute deployment was

done in the initial year, taking no more than the first week to have

everything running with the cloud command center. Endpoint

management and security were consolidated and used to:

1) Provide asset management of endpoints easily in one location.

2) Enable information sharing with the security tool stack generally,

and SIEM in particular.

3) Optimize SecOps and help desk productivity with greater

endpoint visibility.

Key assumptions

- 16,000 business FTEs

- 18,000 endpoint devices

- Mobile workforce largely

using laptop PCs


The table above shows the total of all benefits across the areas listed below, as well as present values (PVs) discounted at 10%. Over three years, the composite organization expects risk-adjusted total benefits to be a PV

of more than $3.5 million.

Financial Analysis

QUANTIFIED BENEFIT AND COST DATA AS APPLIED TO THE COMPOSITE

Benefit 1: Security Operations Efficiency

Improvement

Interviewees experienced approximately 1,000 security-related incidents

per month, occurring most frequently at the endpoint level; for example,

an end user opening a malicious email attachment. These incidents are

on the rise and can be much higher in certain verticals.

Organizations could more quickly identify and remediate endpoints

because of the more frequent logging provided by the Absolute platform,

especially when used in conjunction with SIEMs.

› Without Absolute, the data from endpoints was at times very stale,

requiring a fresh pull that often lengthened the mean-time-to-fix.

› Security incident responders spent the greatest amount of time to

triage and analyze the incidents, which most frequently originate from

the endpoint. Using Absolute’s rapid information delivery as soon as

a device appeared online, security responders saved as much as 12

minutes per incident. When Absolute was used in conjunction with

SIEMs and incident response solutions, the savings were even

greater.

Every second counts when it comes to the time-to-know aspect of

security incidents. Organizational data might be stolen as a responder

is still solving the issue. Having Absolute is the safety net that allows

organizations to freeze the endpoint to stem any damage and then

remediate and return the endpoint to productivity.

The composite organization has not been modeled to include the value

of data breaches, but reports on the cost of similar breaches are widely

available from Ponemon Institute. Instead, the hard cost of SecOps

effort and time has been captured and represented in the table below.

Over three years, the composite organization realized $393,904 in PV.

Information security

professionals can save 12

minutes in the analysis

and triage phase on every

security-related response

with Absolute.

Total Benefits

Ref. Benefit Year 1 Year 2 Year 3 Total Present Value

Atr Security operations efficiency improvement

$151,200 $158,760 $166,698 $476,658 $393,904

Btr IT help desk efficiency improvement

$54,000 $56,700 $59,535 $170,235 $140,680

Ctr Asset loss reduction $385,560 $364,354 $382,572 $1,132,486 $939,060

Dtr Asset life cycle optimization $1,231,200 $575,618 $604,399 $2,411,218 $2,049,085

Total benefits (risk-adjusted) $1,821,960 $1,155,433 $1,213,204 $4,190,597 $3,522,729


IT help desk efficiency improvement: 4% of total

benefits

Benefit 2: IT Help Desk Efficiency Improvement

Each interviewed organization had some form of IT ticketing system. By

integrating Absolute to feed more up-to-date endpoint information to their

ITSM solution, help desk personnel could more quickly understand the

situation surrounding a service request.

Prior to using Absolute, their dark endpoints often had disparity in their

patches and software versions, causing additional investigational work

for the team. Integrations with ITSM solutions made the job easier, and

even without a formal IT ticketing system, the freshness of Absolute data

contributed to a decrease in the detective work that IT had to perform.

For the composite organization, Forrester assumes that:

› The IT help desk handles 15,000 service-related requests in a month,

with 5% user growth yearly.

› The percentage of service requests requiring an endpoint assessment

is conservatively 20%.

› Absolute provides, on average, 20% better resolution to endpoints

than existing solutions.

› IT help desk personnel can realize savings of 10 minutes per incident

with Absolute in place.

The total gain in efficiency netted the composite organization a minimum

of 1,200 hours per year, and possibly more with deeper integrations with

ITSM systems. Total three-year savings were $140,680 PV.

Security Operations Efficiency Improvement: Calculation Table

Ref. Metric Calculation Year 1 Year 2 Year 3

A1 Endpoint management triage savings per incident (minutes)

12 12 12

A2 Endpoint-related security incidents 1,000 monthly * 12 months + 5% annual growth

12,000 12,600 13,230

A3 Security operations professional hourly rate

$105,000 annually * 1.2X benefits multiplier / 2,000 hours

$63 $63 $63

At Security operations efficiency improvement A1*A2*A3/60 $151,200 $158,760 $166,698

Risk adjustment 0%

Atr Security operations efficiency improvement (risk-adjusted)

$151,200 $158,760 $166,698

4%

three-year benefit PV

$140,680


Asset loss reduction: 27% of total benefits

Benefit 3: Asset Loss Reduction

The large global consumer packaged goods (CPG) organization that

Forrester interviewed was losing over 2% of endpoint devices per year,

with one-third of that loss to intentional theft alone. The value of the

asset loss was over $1 million annually, without even considering the

potentially astronomical value of the data.

One organization characterized its data as heavy in PII and client IP.

“Having Absolute gives us that safety net to make sure that none of the

data ends up in the wrong hands,” said one information security

manager. “We are quizzed on and audited by our clients regularly — and

we have to show that we are compliant. So, the value is really in the

data.”

› Forrester has chosen not to quantify the value of data across these

enterprises, as its value — and varying likelihood of breaches —

translates to different negative results for companies across different

verticals.

› It is, however, possible to quantify endpoint asset loss, including units

that are removed inadvertently and those units taken with malicious

intent.

IT Help Desk Efficiency Improvement: Calculation Table


B1 Help desk service requests 15,000 monthly * 12 months + 5% annual growth

180,000 189,000 198,450

B2 Percentage of service requests requiring endpoint assessments

20% 20% 20%

B3 Percentage improvement on updated endpoint information compared to existing solution

20% 20% 20%

B4 Minutes saved with up-to-date endpoint information, per request

10 10 10

B5 Hourly salary of IT help desk responder

$75,000 annually * 1.2X benefits multiplier / 2,000 hours

$45 $45 $45

Bt IT help desk efficiency improvement B1*B2*B3*B4*B5/60

$54,000 $56,700 $59,535

Risk adjustment 0%

Btr IT help desk efficiency improvement (risk-adjusted)

$54,000 $56,700 $59,535

27%


$939,060


Impact risk is the risk that the business or technology needs of the organization may not be met by the investment, resulting in lower overall total benefits. The greater the uncertainty, the wider the potential range of outcomes for benefit estimates.

Using our composite modeling of indicators presented by all interviewees, Forrester has concluded:

› Endpoints going dark as a result of human error or negligence are

highly recoverable, especially when compared to those taken with

malicious intent.

› Nonmalicious losses occur roughly 2% of the time across the endpoint

landscape; on average, 80% of these can be recovered. Devices can

be frozen if the incident happened very recently, avoiding a full image

restore.

› Malicious endpoint losses occur on a much less frequent rate: 0.5%

across the enterprise. An example is laptops taken by an employee or

contractor, who then attempts to sell the unit. Recovery rates on these

are generally poor, at around 20%.

› If there is a malicious endpoint loss:

• The device can be wiped remotely, limiting the damage to the

loss of equipment.

• The machine will be locked and unusable, and turning it on will

display a message indicating that the machine was stolen.

• Thieves are less likely to steal from the organization again, as

all machines will turn into zero-value units.

• Processes built around Absolute for device management also

contribute to the decrease of internally arising theft.

Considering these loss rates and the average cost of laptops, the

composite organization reaped a three-year PV benefit of $1,043,400.

Impact risk was applied to this benefit group due to the variability in

endpoint costs and existing processes surrounding theft prevention. To

reflect this risk, Forrester has downward adjusted the benefit value by

10% for a risk-adjusted three-year PV of $939,060.

Recover up to 80% of

endpoint devices lost

due to nonmalicious

intent.

Asset Loss Reduction: Calculation Table


C1 Total endpoints on Absolute 18,000 17,010 17,861

C2 Nonmalicious endpoint loss rate — taken home or forgotten inadvertently

2.0% 2.0% 2.0%

C3 Malicious endpoint loss rate 0.5% 0.5% 0.5%

C4 Nonmalicious loss recovery rate 80% 80% 80%

C5 Malicious loss recovery rate 20% 20% 20%

C6 Cost of endpoint point hardware, per unit $1,400 $1,400 $1,400

Ct Asset loss reduction ((C1*C2*C4)+(C1*C3*C5))*C6

$428,400 $404,838 $425,080

Risk adjustment ↓10%

Ctr Asset loss reduction (risk-adjusted) $385,560 $364,354 $382,572


Asset life cycle optimization: 58% of total

benefits

Benefit 4: Asset Life Cycle Optimization

Interviewed organizations’ IT teams were consistently under pressure to

deliver better experiences while reducing budgets for infrastructure and

people. With the Absolute platform in play, the organizations

encountered better and more accurate visibility into their endpoints and

the infrastructure that served them. Without Absolute Persistence

technology, budgeting and planning for new systems was often

uninformed by accurate data, with devices allocated in an ad hoc

manner.

› Following the introduction of Absolute, some organizations were able

to find underutilized assets — to the tune of 10% of all endpoints in the

initial year of use. For example, some laptops were only used once a

week for light utility, forming the basis for organizations to consolidate

or sunset them altogether.

› As some of the software was still licensed at the device level, systems

that were retired decreased the ongoing cost of software licensing.

› Support costs, calculated at 20% of the hardware and software value,

were eliminated for the 10% of endpoints that were sunsetted. The

initial cost of the endpoint hardware was not counted toward final

savings figures.

Forrester assumes that for the composite organization, no financial benefit will arise from the sunsetting of the hardware itself, as it is depreciated across a three-year timeline. Software and support costs were ongoing and have thus been included in the results. Continued usage of Absolute in years 2 and 3 introduced additional optimization: avoidance of 2% of yearly endpoint, software, and infrastructure purchases through better allocation of existing resources and total visibility of usage trends.

The value gained from optimizing the allocation and sunsetting some endpoints amounted to $2,276,761 PV over three years for the composite organization. Refresh cycles were now aligned with enterprise needs, rather than being tied to formal three-year refresh cycles.

The benefit outcome of this grouping may change for organizations that

are moving toward user-based software-as-a-service (SaaS) licenses,

which can reduce savings from endpoint resource allocation

optimization. Forrester identifies this as an impact risk.

To account for this risk, Forrester adjusted this benefit downward by

10%, yielding a three-year, risk-adjusted total PV of $2,049,085.

Upwards of 10% of

existing endpoints can

be retired after visibility

created by Absolute.

58%


$2.0 million


Unquantified Benefits

While not quantified, interviewees experienced additional benefits that

Forrester deems important in the evaluation of Absolute. They are as

follows:

› Compliance- and audit-related activity became more efficient for

both security professionals and auditors. With standard endpoint

software solutions, organizations saw rates of 85% to 90%. To

determine this, a query would have to be broadcast, which could miss

devices that were off the network or powered off. With Absolute

Persistence technology, pings only needed to be sent once and

returned when connectivity was reestablished. This resulted in higher

visibility for compliance auditors, for both security posturing and data

protection. By eliminating the need to constantly ping and guess the

state of some endpoint devices, auditors and security professionals

could complete their jobs considerably faster, for as many as 40

audits — e.g., SOX, client-requested, or internal IT — every year.

› Application Persistence — the ability to remediate applications

on the endpoint — further decreased IT help desk and

compliance-related efforts. Encryption, security, and other key

applications that were necessary on endpoints became impervious to

end user modification and removal. Application Persistence

eliminated the need for IT help desk personnel to redistribute or

configure applications while ensuring that compliance coverage was

continuous.

“We were only able to

visibly account for 90% of

our endpoint devices

previously, and never

mind what that meant for

compliance. We’re now

able to track 99% or

greater of our devices —

down to the geolocation

and activity level.”

~IT asset manager,

multinational CPG

Asset Life Cycle Optimization: Calculation Table


D1 Value of endpoints and associated infrastructure retired — hardware

10% of total endpoints/ infrastructure being underutilized

$2,520,000

D2 Value of software licenses associated to endpoints retired

$400 per endpoint $720,000 $136,080 $142,884

D3 Support cost of endpoints retired (D1+D2)*20% $648,000 $27,216 $28,577

D4 New refresh purchases avoided inclusive of hardware and software

2% of new refresh purchases

$476,280 $500,094

Dt Asset life cycle optimization D2+D3+D4 $1,368,000 $639,576 $671,555

Risk adjustment ↓10%

Dtr Asset life cycle optimization (risk-adjusted) $1,231,200 $575,618 $604,399


› Pirated and noncompliant software was eliminated from

endpoints, reducing organizational liability and security risk. With

Absolute, some interviewees could identify noncompliant software and

remove it from the machines. While not every organization will

experience this benefit, the ramifications of such misuse can lead to

more than merely fines from the BSA. Software such as peer-to-peer

file transfers can lead to increased risk in the form of malicious code

and increased infrastructure usage.

Flexibility

The value of flexibility is unique to each customer, and the measure of its

value varies from organization to organization. There are multiple

scenarios in which a customer might choose to implement Absolute and

later realize additional uses and business opportunities:

› Some of the interviewed organizations had recently begun using

Absolute Reach, allowing them to increase SecOps efficiency by

scripting custom commands and deploying a single time across the

enterprise. Applying custom queries and dictating custom scripts to the

endpoints is possible in the latest version of Absolute’s platform. With

Reach technology, security professionals need only to deploy once, as

all endpoints will receive the instruction set upon connection to the

internet. The uses of such scripts are many, but the real productivity

booster is being able to orchestrate and automate endpoint actions

with the “deploy once” characteristic on Absolute versus multiple

deployment efforts with other solutions.

Flexibility would also be quantified when evaluated as part of a specific

project (described in more detail in Appendix A).


The table above shows the total of all costs across the areas listed below, as well as present values (PVs) discounted at 10%. Over three years, the composite organization expects risk-adjusted total costs to be a PV of more than $1.4 million.

Cost 1: License-Related Costs

License costs were the largest portion of costs assumed by the

composite organization. Licenses were bought on a yearly schedule, to

account for anticipated changes in its infrastructure and endpoint asset

base. Support costs were also added, for a final three-year PV cost of

$1.36 million.

› Absolute licensing costs are based upon retail list pricing at the

annual level for a specific number of total endpoints. Negotiations and

longer-term contracts could lower the license and support costs.

Contact an Absolute salesperson to receive a more exact pricing

schedule for your organization.

› Pricing includes features available at the time of the survey

completion, which includes the Absolute Reach capability and

Application Persistence.

› Licensing costs have taken into account both user growth and

retirement of underutilized endpoint assets, as reflected by the lower

costs in Year 2.

› Many of the interviewed organizations initiated the journey to adopt

Absolute through hardware vendors. Negotiating through them is one

option; others include purchasing through systems implementers, or

Absolute directly.

› The purchase of an entire new wave of endpoint devices at one time is

not standard. Forrester recommends exploring purchase options with

all available channels to determine the best fit for your purchase.

There is very little risk of the licensing to exceed the list pricing modeled

for the composite organization. Over a three-year horizon, Forrester

estimates the total PV cost to be $1,362,027.

Total Costs

Exploring all channels of

purchase may yield a

lower cost of licensing,

especially when

purchasing in large

quantities.

Ref. Cost Initial Year 1 Year 2 Year 3 Total Present Value

Etr License-related costs $539,100 $0 $509,450 $534,922 $1,583,471 $1,362,027

Ftr Implementation and integration costs

$30,378 $21,507 $11,827 $11,827 $75,539 $68,590

Total costs (risk-adjusted) $569,478 $21,507 $521,277 $546,749 $1,659,011 $1,430,617


Implementation risk is the risk that a proposed investment may deviate from the original or expected requirements, resulting in higher costs than anticipated. The greater the uncertainty, the wider the potential range of outcomes for cost estimates.

three-year cost PV

$68,590

Implementation, integration, and process

reengineering: 5% of total costs

Cost 2: Implementation And Integration Costs

The remaining variable piece of implementation, integration, and process

reformation comprises a small part of the overall costs. Implementation-

related work amounted to less than 5% of the entire cost representation,

coming in at $62,355 PV over three years, before risk adjustment.

Organizations varied in the degree to which they incorporated and

utilized Absolute. For example:

› For those that had deployed Absolute for Persistence-based asset

management, the costs were next to zero, as Absolute was already

integrated into the firmware of their devices (as it is with most device

manufacturers).

› The other organizations experienced approximately one month of

integration and implementation. These organizations, like the

composite, had taken a more engaged approach, which utilized

Absolute for compliance-, security-, and help desk-related measures.

This month was largely dedicated to piping Absolute and its data into

existing solutions such as SIEMs and ITSM. The advantage of

connecting these systems is outlined above, in the Benefits category.

Forrester blended the data from organizations that integrated Absolute

with other systems and arrived at the following findings on the equivalent

internal and external costs for the composite:

› Approximately 160 hours were utilized from internal resources —

primarily SecOps team members and DevOps personnel — to craft the

most efficient approach to funnel data from Absolute to other solutions.

› Workflows and process were also updated to ensure a smooth

carryover with the addition of Absolute.

Implementation, integration, and process improvements were largely

conducted in the first year of usage, with only incremental improvements

in subsequent years. The variability, however, is that some organizations

may choose to further leverage the Absolute solution with Application

Persistence, or to orchestrate endpoint administration through Absolute

Reach. Given these variables, Forrester has applied an implementation

risk that accounts for these additional functionality features and the

variance in cost of implementation between the labor forces of each

organization.

To account for these risks, Forrester adjusted this cost upward by 10%,

yielding a three-year risk-adjusted total PV of $68,590.

One month

Implementation and

integration took no

more than one month.

License-Related Costs: Calculation Table

Ref. Metric Calculation Initial Year 1 Year 2 Year 3

E1 License and support costs $539,100 $509,450 $534,922

Et License-related costs E1 $539,100 $0 $509,450 $534,922

Risk adjustment 0%

Etr License-related costs (risk-adjusted) $539,100 $0 $509,450 $534,922


Implementation And Integration Costs: Calculation Table

Ref. Metric Calculation Initial Year 1 Year 2 Year 3

F1 Integration costs — internal (hours) 160

F2 Integration costs — professional services

$8,800 $8,800

F3 Process reconfiguration — internal (hours)

120 160 160 160

F4 Internal IT manager hourly compensation, fully loaded

$112,000 * 1.2X benefits multiplier / 2,000 hours

$67.20 $67.20 $67.20 $67.20

Ft Implementation and integration costs

F1*F4+F3*F4+F2

$27,616 $19,552 $10,752 $10,752

Risk adjustment ↑10%

Ftr Implementation and integration costs (risk-adjusted)

$30,378 $21,507 $11,827 $11,827


The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.

Financial Summary

CONSOLIDATED THREE-YEAR RISK-ADJUSTED METRICS

Cash Flow Chart (Risk-Adjusted)

-$1.0 M

-$0.5 M

$0.5 M

$1.0 M

$1.5 M

$2.0 M

$2.5 M

$3.0 M

Initial Year 1 Year 2 Year 3

Cashflows

Total costs

Total benefits

Cumulative net benefits

These risk-adjusted ROI,

NPV, and payback period

values are determined by

applying risk-adjustment

factors to the unadjusted

results in each Benefit and

Cost section.

Cash Flow Table (Risk-Adjusted)

INITIAL YEAR 1 YEAR 2 YEAR 3 TOTAL PRESENT VALUE

Total costs ($569,478) ($21,507) ($521,277) ($546,749) ($1,659,011) ($1,430,617)

Total benefits $0 $1,821,960 $1,155,433 $1,213,204 $4,190,597 $3,522,729

Net benefits ($569,478) $1,800,453 $634,156 $666,455 $2,531,586 $2,092,112

ROI 146%

Payback period < 6 months


Absolute: Overview

The following information is provided by Absolute. Forrester has not

validated any claims and does not endorse Absolute or its offerings.

Absolute Ensures Endpoint Visibility, Control, And

Compliance — Beyond the Network

The Absolute platform enables IT security organizations to track every

endpoint, find at-risk data, rapidly remediate vulnerabilities, and ensure

compliance in the face of insider and external threats.

Absolute endpoint visibility and control saves organizations millions of

dollars in security operations and IT asset management costs, while

ensuring ongoing compliance. It cannot be disabled, protecting data,

assets, and users — wherever they go.

Absolute delivers:

› Deep and persistent contextual awareness into hundreds of user and

endpoint attributes to eliminate blind spots.

› Remote control over all endpoints devices to query, explore, and

remediate — even when traditional options fail.

› Rapid response to stop and remediate incidents through automated

triggers and custom workflow execution.

› Precision insights into any endpoint to mitigate risk and prove

compliance.

› Unstructured data discovery and automated remediation to protect

regulated data and ensure compliance with GDPR, HIPAA, HITECH,

PCI, and other regulations.

› Rapid vulnerability assessment and remediation to stop ransomware

attacks as they happen.

› Advanced IT asset management and security hygiene with the ability

to seamlessly execute custom commands against targeted devices in

just a few clicks.

› Instant activation across all endpoints without additional infrastructure

needed.

Absolute’s patented Persistence technology is already embedded in the

firmware of more than one billion PC and mobile devices, integrated with

hundreds of endpoint security controls, and trusted by over 15,000

customers worldwide.

To discover the benefits that Absolute’s endpoint visibility and control platform can provide to your organization, visit www.absolute.com

http://www.absolute.com/


Appendix A: Total Economic Impact

Total Economic Impact is a methodology developed by Forrester

Research that enhances a company’s technology decision-making

processes and assists vendors in communicating the value proposition

of their products and services to clients. The TEI methodology helps

companies demonstrate, justify, and realize the tangible value of IT

initiatives to both senior management and other key business

stakeholders.

Total Economic Impact Approach

Benefits represent the value delivered to the business by the

product. The TEI methodology places equal weight on the

measure of benefits and the measure of costs, allowing for a

full examination of the effect of the technology on the entire

organization.

Costs consider all expenses necessary to deliver the

proposed value, or benefits, of the product. The cost category

within TEI captures incremental costs over the existing

environment for ongoing costs associated with the solution.

Flexibility represents the strategic value that can be

obtained for some future additional investment building on

top of the initial investment already made. Having the ability

to capture that benefit has a PV that can be estimated.

Risks measure the uncertainty of benefit and cost estimates

given: 1) the likelihood that estimates will meet original

projections and 2) the likelihood that estimates will be

tracked over time. TEI risk factors are based on “triangular

distribution.”

The initial investment column contains costs incurred at “time 0” or at the

beginning of Year 1 that are not discounted. All other cash flows are discounted

using the discount rate at the end of the year. PV calculations are calculated for

each total cost and benefit estimate. NPV calculations in the summary tables are

the sum of the initial investment and the discounted cash flows in each year.

Sums and present value calculations of the Total Benefits, Total Costs, and

Cash Flow tables may not exactly add up, as some rounding may occur.

PRESENT VALUE (PV)

The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash flows.

NET PRESENT VALUE (NPV)

The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made, unless other projects have higher NPVs.

RETURN ON INVESTMENT (ROI)

A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.

DISCOUNT RATE

The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.

PAYBACK PERIOD

The breakeven point for an investment.

This is the point in time at which net

benefits (benefits minus costs) equal

initial investment or cost.

Documents

The Total Economic Impact™ Of Absolute · For additional information, go to forrester.com. 1 | The Total Economic Impact™ Of Absolute Executive Summary Absolute is a cloud-based